took the CISSP

TrainingDaze Member Posts: 62
I took the CISSP exam yesterday. I'd been studying on and off for a while now but because of classes and other endeavors I just haven't had the time to prepare myself to actually take it. With classes starting up next week I saw an open seat and thought I'd give it a shot. :D

- about an hour into the exam I realized the strategy of taking a shot at the exam and then just retaking it if I fail is a horrible idea, the CISSP is a grueling experience and I wouldn't want to go through it again.

- The Clement Dupuis guy preaches that the top 5 must know domains are Infosec management/governance, app sec, bcp/drp, telecomm/network sec, and acc control and he is right on. Master these and you will master this exam.

- I also had a lot of crypto and physical sec questions which is fine by me. Also lots of malware attack questions which were a nice break from the sometimes strangely worded management and legal questions.

- all of the questions were relatively straightforward, the first run through I felt shaky but when I checked my answers I felt very confident that I had passed it. btw, I'm a fast test taker and the first time through took me about 3.5 hours and an additional 2 hours to go back over my answers.

I think JD's blog on here is a great place to start, also check out cccure but the gaudy layout of the site kept me away. I liked the AIO, CISM, and the new Syngress study guide released this year. One piece of advice is go through the standards (ISO 27001 et al.) and make sure you know them very well.

Comments

  • TrainingDaze Member Posts: 62
    and thanks to everyone who has contributed on this site, all of the posts really helped me out and guided me into the right direction. I'd also be happy to help any of those about to take the exam or wondering where to start. :D

    I'm really happy to have this juggernaut out of the way now. It's not the funnest experience but I definitely learned a lot and earning a CISSP is the most marketable cert by and large for us infosec folks. :)

    I'm even MORE happy to be able to move on to the next challenge, my school classes start tomorrow but I'd really like to follow the DoD8570 requirements plan and knock out the CEH at some point this spring.
  • UnixGuy Mod Posts: 4,570
    Good luck man, I hope you pass :)

    What's your experience background? I'm thinking of taking it this year, we'll see :)
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Learn GRC! GRC Mastery : https://grcmastery.com 

  • TrainingDaze Member Posts: 62
    UnixGuy wrote: »
    Good luck man, I hope you pass :)

    What's your experience background? I'm thinking of taking it this year, we'll see :)

    Thanks Unix Guy :D I'm pretty confident that I passed but will have to enjoy several weeks wait for the confirmation.

    I've served several information assurance roles with the DoD, but for taking the CISSP the best preparation was the classes that I've taken that went a mile deep and an inch wide into cryptography, access control, bcp and security management. If you don't have an extended background in security it by no means dictates your level of success with this exam, in fact a buddy of mine at the state department told me that he's noticed that the people with less experience who depend more on learning the material "from the book" do much better than those with a lot of experience who depend on their experience for reaching the correct answers.

    Also a great piece of advice when preparing is to take a LOT of practice exams but it's not that important to answer the questions right or wrong, but to be able to run through each optional answer and provide reasons why they are (or are not) the correct answers. Doing this is tedious but it gets you results fast! :D Of course, this may also lead to occasionally flipping to the "author bio" pic on the back of the book followed by a disapproving head nod when you realize that the author's provided solution was incorrect..
  • TrainingDaze Member Posts: 62
    sabooher wrote: »
    There were many areas which I focused on, only to wind up with maybe one or two questions on the exam. Then there were other areas I focused where there were no questions at all.

    Absolutely! I can't tell you how many times I read that "the only guaranteed question that one will be asked on the CISSP is a question regarding the ISC2 code of ethics" and, of course, there were 0 questions about the ISC2 code of ethics
  • ibcritn Member Posts: 340
    TrainingDaze wrote: »
    Absolutely! I can't tell you how many times I read that "the only guaranteed question that one will be asked on the CISSP is a question regarding the ISC2 code of ethics" and, of course, there were 0 questions about the ISC2 code of ethics

    Good luck, I hope you passed.

    I recently took the exam myself... and yes, a grueling process which I hope I don't have to repeat.
    CISSP | GCIH | CEH | CNDA | LPT | ECSA | CCENT | MCTS | A+ | Net+ | Sec+

    Next Up: Linux+/RHCSA, GCIA
  • TrainingDaze Member Posts: 62
    ibcritn wrote: »
    Good luck, I hope you passed.

    I recently took the exam myself... and yes, a grueling process which I hope I don't have to repeat.

    Thanks bud, good luck to you too. I hope you get a pass email sometime soon. :D

    I see you're doing the MS with certs on the side also, it's pretty crazy trying to juggle all of the classes and going for certs. Are you doing the gcih with the live online class or just studying the material on your own? I've gone over some of the coursework and hope to address it sometime after ceh but not sure just yet
  • TrainingDaze Member Posts: 62
    hey so I just got the congratulatory email from ISC^2, less than 2 weeks from when I sat for it on 1/22 in Reston.

    I'm really relieved that I don't have to take it again and I can continue moving on and learning new things.
  • TrainingDaze Member Posts: 62
    Does anyone know if you can find out your actual numeric score? maybe if I emailed isc^2?
  • rwmidl Member Posts: 807
    TrainingDaze wrote: »
    hey so I just got the congratulatory email from ISC^2, less than 2 weeks from when I sat for it on 1/22 in Reston.

    I'm really relieved that I don't have to take it again and I can continue moving on and learning new things.

    Congrats! I'm up for the test on March 19th!
    CISSP | CISM | ACSS | ACIS | MCSA:2008 | MCITP:SA | MCSE:Security | MCSA:Security | Security + | MCTS
  • ibcritn Member Posts: 340
    TrainingDaze wrote: »
    hey so I just got the congratulatory email from ISC^2, less than 2 weeks from when I sat for it on 1/22 in Reston.

    I'm really relieved that I don't have to take it again and I can continue moving on and learning new things.

    Great job! Based on your responses to previous posts I fully expected you to pass.


    -Addressing your question earlier I am self-studying for GCIH. I MAY actually pay for a SANS course, but it will be later as my M.S. classes eat up my training budget very quickly. It is never easy to juggle certs/classes... can be quite challenging indeed.
    CISSP | GCIH | CEH | CNDA | LPT | ECSA | CCENT | MCTS | A+ | Net+ | Sec+

    Next Up: Linux+/RHCSA, GCIA
  • security tech Member Posts: 95
    I love your confidence, I cannot wait to hear that you passed the exam.

    I am just now starting out studying for the CISSP. I am going to purchase the AIO by Shon Harris. Read and study that. Then I plan to purchase the IC2. Read and study that. ccure.org (study as well). Can you provide any other tips and techniques that you found helpful? I plan to take the exam Fall of 2011.
  • TrainingDaze Member Posts: 62
    @rwmidl: thanks! best of luck to you as well, a month out from the exam date just try to pace yourself and hone in on where your weak areas are and spend some time there. I'm sure you'll do great :)

    @ibcritn: yeah I totally agree with you, luckily a lot of the class work overlaps or at least provides good fundamentals for the cert exams. I'm probably going to put off CEH for later in the summer just because the classes are so intense right now.

    @security tech: I think the AIO will serve you well, especially so far out from the actual exam. Be sure to schedule the exam early because spots fill up fast and it's really good incentive to stay on track with your studies and not put them off.

    I also liked the Eric Conrad study guides for CISSP. They were really concise and got right to the point on what I really needed to know. Download this (http://home.cogeco.ca/~ericallaire/Document/CISSP%20aide%20memoire%20(e)%20v4.pdf) and run through it regularly.

    Also I have a big whiteboard in my room and I wrote up there some of the concepts that I was really slow to pick up such as the BCP process in depth, the ISO standards and the OSI chart of what firewalls and technologies operate in which layer. It really helped A LOT to actually look over and see all of these things and I was pretty surprised to find how fast I memorized them just by putting them up on my wall.

    Overall just set the exam date and don't get discouraged, it's a lot of information but if you keep chipping away at it you will be shocked come fall at how much information you have learned and how easy the exam will be.